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Primary cae : CVSS Source & Patch 
Vendor -- Product Description Publiened Score Info 
Bidirectional Communication Interface (BCI) IEC 60870-5-104 
function of Hitachi Energy RTU500 series allows an attacker to 
cause the receiving RTU500 CMU of which the BCI is enabled to CVE-2021-35533 
abb -- rtu500_firmware reboot when receiving a specially crafted message. By default, 2021-11-26 LA AAMT 


BCI IEC 60870-5-104 function is disabled (not configured). This CONFIRM 


issue affects: Hitachi Energy RTU500 series CMU Firmware 
version 12.0.* (all versions); CMU Firmware version 12.2.* (all 
versions); CMU Firmware version 12.4.* (all versions). 


The AMDPowerProfiler.sys driver of AMD ?Prof tool may allow 
lower privileged users to access MSRs in kernel which may lead 
to privilege escalation and ring-0 code execution by the lower 
privileged user. 


attendance_management_system_pfaifsttdance management system 1.0 is affected by a SQL injection 
-- vulnerability in admin/incFunctions.php through the makeSafe 2021-12-01 io 
attendance_management_system _|/function. 








CVE-2021-26334 


amd -- amd_uprof MISC 


2021-12-01 


Io 


Improper Input Validation vulnerability in the APDU parser in the 








CVE-2021-44280 
MISC 








Barracuda Network Access Client before 5.2.2 creates a 
‘Temporary File in a Directory with Insecure Permissions. This file 
is executed with SYSTEM privileges when an unprivileged user 
performs a repair operation. 


CVE-2021-42711 


barracuda -- network_access_client MISC 


2021-12-01 











BaserCMS is an open source content management system with a 
focus on Japanese language support. In affected versions users 
with upload privilege may upload crafted zip files capable of path 
basercms -- basercms traversal on the host operating system. This is a vulnerability that || 2021-11-26 
needs to be addressed when the management system is used by 
an unspecified number of users. If you are eligible, please update 
to the new version as soon as possible. 


CVE-2021-41279 
There is a Potential Zip Slip Vulnerability and OS Command 


CONFIRM 
MISC 


KO 











Injection Vulnerability on the management system of baserCMS. 
Users with permissions to upload files may upload crafted zip files 
which may execute arbitrary commands on the host operating 
system. This is a vulnerability that needs to be addressed when 
the management system is used by an unspecified number of 
users. If you are eligible, please update to the new version as 
soon as possible. 


Missing Rate Limiting in Web Applications operating on Business- 
DNA Solutions GmbHa€™s TopEaseA® Platform Version <= 
businessdnasolutions -- topease 7.1.27 on the Login Form allows an unauthenticated remote 2021-11-30 
attacker to perform multiple login attempts, which facilitates 
gaining privileges. 


CVE-2021-41243 
CONFIRM 
MISC 


basercms -- basercms 2021-11-26 


Io 








CVE-2021-42544 
CONFIRM 
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prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 
firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and 
prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC- 
2533GST2 firmware v1.25 and prior) allows a network-adjacent 
unauthenticated attacker to bypass access restriction, and to start 
the telnet service and execute an arbitrary OS command via 
unspecified vectors. 

















MISC 


Prima aT : CVSS Source & Patch 
Vendor -- Pde Description Published Score Info 

The Contest Gallery WordPress plugin before 13.1.0.6 does not 

have capability checks and does not sanitise or escape the cg- 

search-user-name-original parameter before using it in a SQL CVE-2021-24915 
contest_gallery -- contest_gallery __||statement when exporting users from a gallery, which could allow || 2021-11-29 L5 MISC 

unauthenticated to perform SQL injections attacks, as well as get MISC 

the list of all users registered on the blog, including their username 

and email address 

Dell EMC Streaming Data Platform versions before 1.3 contain an 
dell -- Insufficient Session Expiration Vulnerability. A remote 2021-11-30 75 CVE-2021-36330 
emc_streaming_data_platform unauthenticated attacker may potentially exploit this vulnerability E MISC 

to reuse old session artifacts to impersonate a legitimate user. 

D-Link DIR-809 devices with firmware through DIR- 

809Ax_FW1.12WWB03_20190410 were discovered to contain a CVE-2021-33266 
dlink -- dir-809_firmware stack buffer overflow vulnerability in the function FUN_8004776c 2021-12-01 10 MISC 

in /formVirtualApp. This vulnerability is triggered via a crafted MISC 

POST request. 

D-Link DIR-809 devices with firmware through DIR- 

809Ax_FW1.12WWB03_20190410 were discovered to contain a CVE-2021-33267 
dlink -- dir-809_ firmware stack buffer overflow vulnerability in the function FUN_80034d60 2021-12-01 10 MISC 

in /formStaticDHCP. This vulnerability is triggered via a crafted MISC 

POST request. 

D-Link DIR-809 devices with firmware through DIR- 

809Ax_FW1.12WWB03_20190410 were discovered to contain a CVE-2021-33274 
dlink -- dir-809_ firmware stack buffer overflow vulnerability in the function FUN_80040af8 in|| 2021-12-01 10 MISC 

/formWlanSetup. This vulnerability is triggered via a crafted POST MISC 

request. 

D-Link DIR-809 devices with firmware through DIR- 

809Ax_FW1.12WWB03_20190410 were discovered to contain a CVE-2021-33271 
dlink -- dir-809_ firmware stack buffer overflow vulnerability in the function sub_80046EB4 in|| 2021-12-01 10 MISC 

/formSetPortTr. This vulnerability is triggered via a crafted POST MISC 

request. 

D-Link DIR-809 devices with firmware through DIR- 

809Ax_FW1.12WWB03_20190410 were discovered to contain a CVE-2021-33268 
dlink -- dir-809_firmware stack buffer overflow vulnerability in the function sub_8003183C in|| 2021-12-01 10 MISC 

/fromLogin. This vulnerability is triggered via a crafted POST MISC 

request. 

D-Link DIR-809 devices with firmware through DIR- 

809Ax_FW1.12WWB03_20190410 were discovered to contain a CVE-2021-33265 
dlink -- dir-809_ firmware stack buffer overflow vulnerability in the function FUN_80046eb4 2021-12-01 L2 MISC 

in /formSetPortTr. This vulnerability is triggered via a crafted MISC 

POST request. 

D-Link DIR-809 devices with firmware through DIR- 

809Ax_FW1.12WWB03_20190410 were discovered to contain a CVE-2021-33269 
dlink -- dir-809_ firmware stack buffer overflow vulnerability in the function FUN_8004776c 2021-12-01 10 MISC 

in /formVirtualServ. This vulnerability is triggered via a crafted MISC 

POST request. 

D-Link DIR-809 devices with firmware through DIR- 

809Ax_FW1.12WWB03_20190410 were discovered to contain a CVE-2021-33270 
dlink -- dir-809_ firmware stack buffer overflow vulnerability in the function FUN_800462c4 2021-12-01 10 MISC 

in /formAdvFirewall. This vulnerability is triggered via a crafted MISC 

POST request. 

The vulnerabilty was discovered in ActiveX module related to 

NeoRS remote support program. This issue allows an remote CVE-2020-7880 
gouzong- neors attacker to download and execute remote file. It is because of 202171130 23 MISC 

improper parameter validation of StartNeoRS function in ActiveX. 

Improper access control vulnerability in ELECOM routers (WRC- 

1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware 

v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, 

WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W 

firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, 

WRC-1750GSV firmware v2.11 and prior, WRC-1900GST 
elecom -—- wre-1167gst2_ firmware _ firmware v1.03 and prior, WRC-2533GST firmware v1.03 and ait | a a 
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Prima sii : CVSS Source & Patch 
Vendor -- Pde Description Published Score Info 
ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, 
WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H 
firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and 
prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS 
firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and CVE-2021-20859 
elecom — wre-1167gst2_firmware |Prior, WRC 1800GST firmware v1.03 and prior, WRC-2533GST || 5994-42-01 | zz  |IMISC 
= firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and ae MISC 
prior, WRC-2533GST2 firmware v1.25 and prior, WRC- roe es 
2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G 
firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 
and prior) allows a network-adjacent authenticated attacker to 
execute an arbitrary OS command via unspecified vectors. 
OS command injection vulnerability in ELECOM routers (WRC- 
1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware 
v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, 
WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W 
firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, 
WRC-1750GSV firmware v2.11 and prior, WRC-1900GST CVE-2021-20863 
elecom -- wrc-1167gst2_firmware __||firmware v1.03 and prior, WRC-2533GST firmware v1.03 and 2021-12-01 Kok MISC 
prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 MISC 
firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and 
prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC- 
2533GST2 firmware v1.25 and prior) allows a network-adjacent 
authenticated attackers to execute an arbitrary OS command with 
the root privilege via unspecified vectors. 
employee_record_management_sys{S@Lpndgation vulnerability exists in PHPGURUKUL Employee CVE-2021-43451 
-- Record Management System 1.2 via the Email POST parameter 2021-12-01 T5 Msc 
employee_record_management_sysjenforgetpassword.php. ——- 
An issue was discovered on Victure WR1200 devices through 
1.0.3. The root SSH password never gets updated from its default CVE-2021-43284 
govicture -- wr1200_ firmware value of admin. This enables an attacker to gain control of the 2021-11-30 L2 MISC 
device through SSH (regardless of whether the admin password MISC 
was changed on the web interface). 
An issue was discovered on Victure WR1200 devices through 
1.0.3. A command injection vulnerability was found within the web 
interface of the device, allowing an attacker with valid credentials CVE-2021-43283 
govicture -- wr1200_firmware to inject arbitrary shell commands to be executed by the device 2021-11-30 9 MISC 
with root privileges. This occurs in the ping and traceroute MISC 
features. An attacker would thus be able to use this vulnerability to 
open a reverse shell on the device with root privileges. 
HejHome GKW-IC052 IP Camera contained a hard-coded CVE-2021-26611 
hej -- hejhome_gkw-ic052_firmware ||credentials vulnerability. This issue allows remote attackers to 2021-11-26 13 Msc =~SCOCSCS 
operate the IP Camera.(reboot, factory reset, snapshot etc..) o 
This affects all versions of package html-to-csv. When there is a 
formula embedded in a HTML page, it gets accepted without any CVE-2021-23654 
html2csv_project -- html2csv validation and the same would be pushed while converting it into a|| 2021-11-26 LS CONFIRM 
CSV file. Through this a malicious actor can embed or generate a CONFIRM 
malicious link or execute commands via CSV files. 
$ ; . In JetBrains TeamCity before 2021.1.3, the X-Frame-Options CVE-2021-43202 
jetbrains — teameity header is missing in sone cases. i 20211-30 | L5 MISC 
libretime hv3.0.0-alpha.10 is affected by a path manipulation 
eee site vulnerability in CVE-2021-43685 
lpretimè= libretime. ny (biobimastemiegaoyiappiicationimodalssrestconiroieraskowinad e Moe tha 23 MISC 
through the rename function. 
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Description 


Published 


CVSS 
Score 


Source & Patch 
Info 








mitsubishi -- melsec_iq- 
r_r00_cpu_firmware 


Improper Input Validation vulnerability in MELSEC iQ-R Series 
R00/01/02CPU Firmware versions "24" and prior, MELSEC iQ-R 
Series R04/08/16/32/120(EN)CPU Firmware versions "57" and 
prior, MELSEC iQ-R Series R08/16/32/120SFCPU All versions, 
MELSEC iQ-R Series R08/16/32/120PCPU Firmware versions 
"29" and prior, MELSEC iQ-R Series R08/16/32/120PSFCPU All 
versions, MELSEC iQ-R Series R16/32/64MTCPU All versions, 
MELSEC iQ-R Series R12CCPU-V All versions, MELSEC Q 
Series QO3UDECPU All versions, MELSEC Q Series 
Q04/06/10/13/20/26/50/100UDEHCPU All versions, MELSEC Q 
Series Q03/04/06/13/26UDVCPU The first 5 digits of serial No. 
"23071" and prior, MELSEC Q Series Q04/06/13/26UDPVCPU 
The first 5 digits of serial No. "23071" and prior, MELSEC Q 
Series Q12DCCPU-V All versions, MELSEC Q Series 
Q24DHCCPU-V(G) All versions, MELSEC Q Series 
Q24/26DHCCPU-LS All versions, MELSEC Q Series MR-MQ100 
All versions, MELSEC Q Series Q172/173DCPU-S1 All versions, 
MELSEC Q Series Q172/172DSCPU All versions, MELSEC Q 
Series Q170MCPU All versions, MELSEC Q Series 
Q170MSCPU(-S1) All versions, MELSEC L Series 
L02/06/26CPU(-P) All versions, MELSEC L Series L26CPU-(P)BT 
All versions and MELIPC Series MI5122-VW All versions allows a 
remote unauthenticated attacker to cause a denial-of-service 
(DoS) condition by sending specially crafted packets. System 
reset is required for recovery. 


2021-12-01 


CVE-2021-20611 
MISC 
MISC 
MISC 








mitsubishi -- melsec_iq- 
r_r00_cpu_firmware 


Improper Handling of Length Parameter Inconsistency 
vulnerability in MELSEC iQ-R Series R00/01/02CPU Firmware 
versions "24" and prior, MELSEC iQ-R Series 
R04/08/16/32/120(EN)CPU Firmware versions "57" and prior, 
MELSEC iQ-R Series R08/16/32/120SFCPU All versions, 
MELSEC iQ-R Series R08/16/32/120PCPU Firmware versions 
"29" and prior, MELSEC iQ-R Series R08/16/32/120PSFCPU All 
versions, MELSEC iQ-R Series R16/32/64MTCPU All versions, 
MELSEC iQ-R Series R12CCPU-V All versions, MELSEC Q 
Series QO3UDECPU All versions, MELSEC Q Series 
Q04/06/10/13/20/26/50/100UDEHCPU All versions, MELSEC Q 
Series Q03/04/06/13/26UDVCPU The first 5 digits of serial No. 
"23071" and prior, MELSEC Q Series Q04/06/13/26UDPVCPU 
The first 5 digits of serial No. "23071" and prior, MELSEC Q 
Series Q12DCCPU-V All versions, MELSEC Q Series 
Q24DHCCPU-V(G) All versions, MELSEC Q Series 
Q24/26DHCCPU-LS All versions, MELSEC Q Series MR-MQ100 
All versions, MELSEC Q Series Q172/173DCPU-S1 All versions, 
MELSEC Q Series Q172/172DSCPU All versions, MELSEC Q 
Series Q170MCPU All versions, MELSEC Q Series 
Q170MSCPU(-S1) All versions, MELSEC L Series 
L02/06/26CPU(-P) All versions, MELSEC L Series L26CPU-(P)BT 
All versions and MELIPC Series MI5122-VW All versions allows a 
remote unauthenticated attacker to cause a denial-of-service 
(DoS) condition by sending specially crafted packets. System 
reset is required for recovery. 


2021-12-01 


CVE-2021-20610 
MISC 
MISC 
MISC 








mitsubishi -- melsec_iq- 
r_r00_cpu_firmware 








Uncontrolled Resource Consumption vulnerability in MELSEC iQ- 
R Series ROO/01/02CPU Firmware versions "24" and prior, 
MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware 
versions "57" and prior, MELSEC iQ-R Series 
R08/16/32/120SFCPU All versions, MELSEC iQ-R Series 
R08/16/32/120PCPU Firmware versions "29" and prior, MELSEC 
iQ-R Series RO8/16/32/120PSFCPU All versions, MELSEC iQ-R 
Series R16/32/64MTCPU All versions, MELSEC iQ-R Series 
R12CCPU-V All versions, MELSEC Q Series QO3UDECPU All 
versions, MELSEC Q Series 
Q04/06/10/13/20/26/50/100UDEHCPU All versions, MELSEC Q 
Series Q03/04/06/13/26UDVCPU The first 5 digits of serial No. 
"23071" and prior, MELSEC Q Series Q04/06/13/26UDPVCPU 
The first 5 digits of serial No. "23071" and prior, MELSEC Q 
Series Q12DCCPU-V All versions, MELSEC Q Series 
Q24DHCCPU-V(G) All versions, MELSEC Q Series 
Q24/26DHCCPU-LS All versions, MELSEC Q Series MR-MQ100 
All versions, MELSEC Q Series Q172/173DCPU-S1 All versions, 
MELSEC Q Series Q172/172DSCPU All versions, MELSEC Q 
Series Q170MCPU All versions, MELSEC Q Series 
Q170MSCPU(-S1) All versions, MELSEC L Series 
L02/06/26CPU(-P) All versions, MELSEC L Series L26CPU-(P)BT 
All versions and MELIPC Series MI5122-VW All versions allows a 
remote unauthenticated attacker to cause a denial-of-service 
(DoS) condition by sending specially crafted packets. System 





reset is required for recovery. 








2021-12-01 








CVE-2021-20609 
MISC 
MISC 
MISC 
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Primary oe A CVSS Source & Patch 
Vendor -- Product Description Published Score Info 
# Vulnerability in ‘title’ function **Description**: the ‘title’ function 
defined in ‘lib/termsupport.zsh’ uses “print to set the terminal title 
to a user-supplied string. In Oh My Zsh, this function is always 
used securely, but custom user code could use the ‘title’ function CVE-2021-3726 
planetargon — oh_my_zsh in a way that is unsafe. **Fixed in*: [a263cdac] eee) Z5 [MISC 
(https://github.com/ohmyzsh/ohmyzsh/commit/a263cdac). 
**Impacted areas**: - ‘title’ function in ‘lib/termsupport.zsh’. - 
Custom user code using the ‘title’ function. 
# Vulnerability in ‘rand-quote’ and `hitokoto` plugins 
**Description**: the ‘rand-quote’ and `hitokoto` fetch quotes from 
quotationspage.com and hitokoto.cn respectively, do some 
process on them and then use ‘print -P` to print them. If these 
E quotes contained the proper symbols, they could trigger command 44. CVE-2021-3727 
planetargon — oh_my_zsh injection. Given that they're an external API, it's not possible to ee E30 LS MISC 
know if the quotes are safe to use. **Fixed in**: [72928432] 
(https://github.com/ohmyzsh/ohmyzsh/commit/72928432). 
**Impacted areas**: - ‘rand-quote’ plugin (‘quote’ function). - 
`hitokoto` plugin (`hitokoto` function). 
# Vulnerability in ‘pygmalion’, ‘pygmalion-virtualenv’ and “refined” 
themes **Description**: these themes use ‘print -P` on user- 
supplied strings to print them to the terminal. All of them do that on 
git information, particularly the branch name, so if the branch has CVE-2021-3769 
planetargon -- oh_my_zsh a specially-crafted name the vulnerability can be exploited. **Fixed|| 2021-11-30 10 Msc 
in**: [b3ba9978] (eer 
(https://github.com/ohmyzsh/ohmyzsh/commit/b3ba9978). 
**Impacted areas**: - ‘pygmalion’ theme. - ‘pygmalion-virtualenv’ 
theme. - ‘refined’ theme. 
A command injection vulnerability has been reported to affect 
QNAP device, VioStor. If exploited, this vulnerability allows remote CVE-2021-38685 
qnap -- qvr attackers to run arbitrary commands. We have already fixed this 2021-11-26 Fao) CONFIRM 
vulnerability in the following versions of QVR: QVR FW 5.1.6 build E 
20211109 and later 
An unauthenticated SQL Injection vulnerability in Rosario Student 
Information System (aka rosariosis) before 8.1.1 allows remote CVE-2021-44427 
rosariosis -- rosariosis attackers to execute PostgreSQL statements (e.g., SELECT, 2021-11-29 15 MISC. 
INSERT, UPDATE, and DELETE) through /Side.php via the syear i 
parameter. 
à ecshop v2.7.3 is affected by a SQL injection vulnerability in ETY CVE-2021-43679 
Shopéx = écshop shopex\ecshop\upload\api\client\api.php. 202171202 LS MISC 
Sunnet eHRD e-mail delivery task schedule’s serialization function 
has inadequate input object validation and restriction, which CVE-2021-43360 
sun -- ehrd allows a post-authenticated remote attacker with database access || 2021-12-01 9 CONFIRM 
privilege, to execute arbitrary code and control the system or e emcee 
interrupt services. 
Sunnet eHRD has inadequate filtering for special characters in 
URLs, which allows a remote attacker to perform path traversal CVE-2021-43358 
eur eld attacks without authentication, access restricted paths and 20215120] L CONFIRM 
download system files. 
Sunnet eHRD has broken access control vulnerability, which 
allows a remote attacker to access account management page CVE-2021-43359 
sun -- ehrd after being authenticated as a general user, then perform privilege || 2021-12-01 9 CONFIRM 
escalation to execute arbitrary code and control the system or —— 
interrupt services. 
tianocore -- edk2 NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. 2021-12-01 718 es 
An improper input validation leading to arbitrary file creation was 
discovered in copy method of Nexacro platform. Remote attackers ICVE-2021-26612 
tobesont= nexacro use copy method to execute arbitrary command after the file ADETE LS MISC 
creation included malicious code. 
tripexpress v1.1 is affected by a path manipulation vulnerability in 
: : ; file system/helpers/dompdf/load_font.php. The variable src is CVE-2021-43691 
tripexpress_project -- tripexpress coming from $_SERVER["argv"] then there is a path manipulation 2021-11-29 L5 MISC 
vulnerability. 
vesta 0.9.8-24 is affected by a file inclusion vulnerability in file CVE-2021-43693 
vestacp -- vesta_control_panel web/add/user/index.php. 2021-11-29 | 15 MISC 
Sah coRDs Zoho ManageEngine Network Configuration Manager before CVE-2021-43319 
mana aaa ingnetwerk conn uratiqn pge iSo iş vulnerable to command injection due to improper 2021-11-30 LS MISC 
geengine_ —contiguralc).datigaih the Ping functionality. CONFIRM 
Zoho ManageEngine ServiceDesk Plus before 11306, CVE-2021-44077 
Sohneorb ServiceDesk Plus MSP before 10530, and SupportCenter Plus MISC 
mana ae ‘nes serwicedesk oiis before 11014 are vulnerable to unauthenticated remote code 2021-11-29 15 MISC 
geengine_ -P execution. This is related to /RestAPI URLs in a servlet, and MISC 
ImportTechnicians in the Struts configuration. MISC 
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Primary ae A CVSS Source & Patch 
Vendor -- Product Description Published | Score Info 
A Remote Command Execution vulnerability on the background in CVE-2021-44093 
Zrlog -- zrlog Zrlog 2.2.2, at the upload avatar function, could bypass the original|| 2021-11-28 Lo Mee 
limit, upload the JSP file to get a WebShell B 
Back to top 
Medium Vulnerabilities 
Primary mer A CVSS Source & Patch 
Vendor -- Product Description Poblisned | Score Info 





acronis -- agent 


Sensitive information could be logged. The following products are 


affected: Acronis Agent (Windows, Linux, macOS) before build 
27147 


2021-11-29 


CVE-2021-34800 


MISC 





acronis -- cyber_protect 


DLL hijacking could lead to local privilege escalation. The 
following products are affected: Acronis Cyber Protect 15 
(Windows) before build 28035 


2021-11-29 


CVE-2021-44198 


MISC 





acronis -- cyber_protect 


Cross-site scripting (XSS) was possible in notification pop-ups. 


The following products are affected: Acronis Cyber Protect 15 
(Windows, Linux) before build 28035 


2021-11-29 


CVE-2021-44201 


MISC 





actions-semi -- ats2819p_ firmware 


The Bluetooth Classic implementation on Actions ATS2815 


chipsets does not properly handle the reception of continuous 
unsolicited LMP responses, allowing attackers in radio range to 
trigger a denial of service and shutdown of a device by flooding 
the target device with LMP_features_res packets. 


2021-11-30 


CVE-2021-31787 


MISC 
MISC 
MISC 





afreecatv -- afreecatv 


The vulnerability function is enabled when the streamer service 


related to the AfreecaTV communicated through web socket using 
21201 port. A stack-based buffer overflow leading to remote code 
execution was discovered in strcpy() operate by "FanTicket" field. 

It is because of stored data without validation of length. 


2021-11-26 


Boon 


CVE-2020-7881 
MISC 





AOM v2.0.1 was discovered to contain a NULL pointer 


CVE-2020-36130 





















































craft a request where the response is large enough to overflow the 
preallocated buffer. This issue exists in service_attr_req gets 
called by process_request (in sdpd-request.c), which also 
allocates the response buffer. 

















aomedia=Aomedia dereference via the component av1/av1_dx_iface.c. 2021-12-02 4.3 MISC 
: : AOM v2.0.1 was discovered to contain a NULL pointer CVE-2020-36135 
aomedia -- aomedia dereference via the component rate_hist.c. 202151207 | 43 MISC 
aeimedia-=aomedia AOM v2.0.1 was discovered to contain a stack buffer overflow via 2021-12-02 6.8 CVE-2020-36129 
the component src/aom_image.c. MISC 
; : AOM v2.0.1 was discovered to contain a stack buffer overflow via CVE-2020-36131 
aomedia -- aomedia the component stats/rate_hist.c. evel | 6.8 MISC 
: ; AOM v2.0.1 was discovered to contain a global buffer overflow via CVE-2020-36133 
alle lamellae the component av1/encoder/partition_search.h. saddle 8 MISC 
: : AOM v2.0.1 was discovered to contain a segmentation violation CVE-2020-36134 
aomedia -- aomedia via the component aom_dsp/x86/obmc_sad_avx2.c. 202 aac | 43 MISC 
@backstage/plugin-scaffolder-backend is the backend for the 
default Backstage software templates. In affected versions a 
malicious actor with write access to a registered scaffolder 
template is able to manipulate the template in a way that writes 
files to arbitrary paths on the scaffolder-backend host instance. 
This vulnerability can in some situation also be exploited through 
backstage = backstage user input when executing a template, meaning you do not need 2021-11-29 55 a 
9 9 write access to the templates. This method will not allow the —— Msc 
attacker to control the contents of the injected file however, unless Ea 
the template is also crafted in a specific way that gives control of 
the file contents. This vulnerability is fixed in version `0.15.14£ of 
the ‘@backstage/plugin-scaffolder-backend’. This attack is 
mitigated by restricting access and requiring reviews when 
registering or modifying scaffolder templates. 
ARK library allows attackers to execute remote code via the CVE-2021-26615 
bandisoft -- ark_library parameter(path value) of Ark_NormalizeAndDupPAthNameW 2021-11-26 6.8 Msc 
function because of an integer overflow. = 
The BSK PDF Manager WordPress plugin before 3.1.2 does not CVE-2021-24860 
bannersky -- bsk_pdf_manager validate and escape the orderby and order parameters before 2021-11-29 6.5 MISC... — 
using them in a SQL statement, leading to a SQL injection issue m 
A heap-based buffer overflow was discovered in bluetoothd in 
BlueZ through 5.48. There isn't any check on whether there is 
enough space in the destination buffer. The function simply 
appends all data passed to it. The values of all attributes that are 7 d 
biusz = blüaz requested are appended to the output buffer. There are no size 2021-11-29 58 ee 
checks whatsoever, resulting in a simple heap overflow if one can —— CONFIRM 
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Prima ae : CVSS Source & Patch 
Vendor -- Pa Description Published | Score Info 
CVE-2021-4026 
bookstackapp -- bookstack bookstack is vulnerable to Improper Access Control 2021-11-30 4 CONFIRM 
MISC 
CVE-2021-3944 
bookstackapp -- bookstack bookstack is vulnerable to Cross-Site Request Forgery (CSRF) 2021-12-02 4 MISC 
CONFIRM 
: ._ |Cross-site request forgery (CSRF) vulnerability in Browser and 
browser_and_operating_system_findgy PNRA System Finder versions prior to 1.2 allows a remote 2021-12-01 68 ao 
br : ._ [unauthenticated attacker to hijack the authentication of an eee == FEA 
rowser_and_operating_system_finder,.. : E MISC 
administrator via unspecified vectors. 

The Bulk Datetime Change WordPress plugin before 1.12 does CVE-2021-24842 
bulk_datetime_change_project -- not enforce capability checks which allows users with Contributor 2021-11-29 55 Msc 
bulk_datetime_change roles to 1) list private post titles of other users and 2) change the E CONFIRM 

posted date of other users' posts. are 

Incorrect Access Control in Web Applications operating on 

Business-DNA Solutions GmbHa€™s TopEaseA® Platform 
businessdnasolutions -- topease Version <= 7.1.27 allows an authenticated remote attacker to view 2021-11-30 4 CVE-2021-42116 

the Shape Editor and Settings, which are functionality for higher = CONFIRM 

privileged users, via identifying said components in the front-end 

source code or other means. 

Missing HTTPOnly flag in Web Applications operating on 

Business-DNA Solutions GmbHa€™s TopEaseA® Platform 

: . Version <= 7.1.27 allows an unauthenticated remote attacker to CVE-2021-42115 
businessdnasolutions — topease escalate privileges from unauthenticated to authenticated user via eee 6.4 CONFIRM 
stealing and injecting the session- independent and static cookie 

UID. 

Unrestricted File Upload in Web Applications operating on 

Business-DNA Solutions GmbHa€™s TopEaseA® Platform CVE-2021-42123 
businessdnasolutions -- topease Version <= 7.1.27 in the File Upload Functions allows an 2021-11-30 6.5 CONFIRM 

authenticated remote attacker with Upload privileges to upload aman 

files with any file type, enabling client-side attacks. 

Insufficient Input Validation in Web Applications operating on 

Business-DNA Solutions GmbHa€™s TopEaseA® Platform 
businessdnasolutions -- topease Version <= 7.1.27 on an objecta€™s date attribute(s) allows an 2021-11-30 4 CVE-2021-42121 

authenticated remote attacker with Object Modification privileges = CONFIRM 

to insert an unexpected format into date fields, which leads to 

breaking the object page that the date field is present. 

Insufficient Input Validation in Web Applications operating on 

Business-DNA Solutions GmbH’s TopEase® Platform Version <= CVE-2021-42117 
businessdnasolutions -- topease 7.1.27 allows an authenticated remote attacker with Object 2021-11-30 4 CONFIRM 

Modification privileges to insert arbitrary HTML without code Se 

execution. 

Insufficient Input Validation in Web Applications operating on 

Business-DNA Solutions GmbHa€™s TopEaseA® Platform 
businessdnasolutions -- topease Version <= 7.1.27 on all object attributes allows an authenticated 2021-11-30 4 CVE-2021-42120 

remote attacker with Object Modification privileges to insert CONFIRM 

arbitrarily long strings, eventually leading to exhaustion of the 

underlying resource. 

Insufficient Input Validation in Web Applications operating on 

Business-DNA Solutions GmbHa€™s TopEaseA® Platform 
businessdnasolutions -- topease Version <= 7.1.27 on an objecta€™s attributes with numeric 2021-11-30 4 CVE-2021-42122 

format allows an authenticated remote attacker with Object a CONFIRM 

Modification privileges to insert an unexpected format, which 

makes the affected attribute non-editable. 

Lucet is a native WebAssembly compiler and runtime. There is a 

bug in the main branch of ‘lucet-runtime’ affecting all versions 

published to crates.io that allows a use-after-free in an Instance 

object that could result in memory corruption, data race, or other 

related issues. This bug was introduced early in the development aos a 
bytecodealliance -- lucet of Lucet and is present in all releases. As a result of this bug, and || 2021-11-30 6.8 Msc 

dependent on the memory backing for the Instance objects, it is MISC 

possible to trigger a use-after-free when the Instance is dropped. —— 

Users should upgrade to the main branch of the Lucet repository. 

Lucet no longer provides versioned releases on crates.io. There is 

no way to remediate this vulnerability without upgrading. 

The ClickBank Affiliate Ads WordPress plugin through 1.20 does 

not have CSRF check when saving its settings, allowing attacker we 
chads -- clickbank_affiliate_ads to make logged in admin change them via a CSRF attack. 2021-12-02 6.8 MISC 

Furthermore, due to the lack of escaping when they are MISC 

outputting, it could also lead to Stored Cross-Site Scripting issues ee 

chamilo-Ims v1.11.14 is affected by a Cross Site Scripting (XSS) co 
chamilo -- chamilo vulnerability in /plugin/jcapture/applet.php if an attacker passes a 2021-12-01 4.3 MISC 

message hex2bin in the cookie. MISC 
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Primary ae A CVSS Source & Patch 
Vendor -- Product Description Published | Score Info 
CVE-2021-42776 
clöverdx:=:cloverdx CloverDX Server before 5.11 2 and and 5.12.x before 5.12.1 2021-12-04 6.8 CONFIRM 
allows XXE during configuration import. Msc 
Affected versions of CODESYS Git in Versions prior to V1.1.0.0 
lack certificate validation in HTTPS handshakes. CODESYS Git 
does not implement certificate validation by default, so it does not CVE-2021-34599 
codesys -- git verify that the server provides a valid and trusted HTTPS 2021-12-01 5.8 CONFIRM 
certificate. Since the certificate of the server to which the n 
connection is made is not properly verified, the server connection 
is vulnerable to a man-in-the-middle attack. 
An issue was discovered in Concrete CMS before 8.5.7. The CVE-2021-40101 
concretecms -- concrete _cms Dashboard allows a user's password to be changed without a 2021-11-30 6.5 CONFIRM 
prompt for the current password. MISC 
The Contact Form With Captcha WordPress plugin is vulnerable 
contact form-withicanteha broiect to Cross-Site Request Forgery due to missing nonce validation in CVE-2021-42358 
Contact fom with ig: tio J the ~/cfwc-form.php file during contact form submission, which 2021-11-29 6.8 MISC 
= —with_cap made it possible for attackers to inject arbitrary web scripts in MISC 
versions up to, and including 1.6.2. 
Unauthenticated remote attackers can read textual content via CVE-2021-23263 
craftercms -- crafter_cms FreeMarker including files /scripts/*, /templates/* and some of the || 2021-12-02 5 MSC. .OCOC~™S 
files in /.git/* (non-binary). ara 
Installations, where crafter-search is not protected, allow CVE-2021-23264 
craftercms -- crafter_cms unauthenticated remote attackers to create, view, and delete 2021-12-02 6.4 Msc 
search indexes. E 
Authenticated administrators may modify the main YAML CVE-2021-23262 
cranterems =seraitericms configuration file and load a Java class resulting in RCE. alee | 8.5 MISC 
Authenticated administrators may override the system CVE-2021-23261 
craftercms -- crafter_cms configuration file and cause a denial of service. eve ikA 02 | 4 MISC 
Authenticated users with Administrator or Developer roles may 
execute OS commands by Groovy Script which uses Groovy lib to CVE-2021-23259 
craftercms -- crafter_cms render a webpage. The groovy script does not have security 2021-12-02 6.5 Msc 
restrictions, which will cause attackers to execute arbitrary fe 
commands remotely(RCE). 
Authenticated users with Administrator or Developer roles may 
execute OS commands by SPEL Expression in Spring beans. CVE-2021-23258 
crafterems -- crafter_ems SPEL Expression does not have security restrictions, which will ae 6.5 MISC 
cause attackers to execute arbitrary commands remotely (RCE). 
An open redirect through HTML injection in confidential messages 
in Cryptshare before 5.1.0 allows remote attackers (with CVE-2021-42564 
cryptshare -- cryptshare_server permission to provide confidential messages via Cryptshare) to 2021-11-30 4.9 Msc 22)0~C~C~S~S~*# 
redirect targeted victims to any URL via the '<meta http- e 
equiv="refresh" substring in the editor parameter. 
Dell EMC Streaming Data Platform, versions prior to 1.3 contain 
Ze an SSL Strip Vulnerability in the User Interface (UI). A remote j £ 
dell~- reaming data platform (unauthenticated attacker could potentially exploit this vulnerability, | 2021-11-30 43 a 
= g _P leading to a downgrade in the communications between the client i 
and server into an unencrypted format. 
Dell EMC Streaming Data Platform versions before 1.3 contain an 
dell -- Indirect Object Reference Vulnerability. A remote malicious user 2021-11-30 4 CVE-2021-36329 
emc_streaming_data_platform may potentially exploit this vulnerability to gain sensitive S MISC 
information. 
Dell EMC Streaming Data Platform versions before 1.3 contain a 
Server Side Request Forgery Vulnerability. A remote 
ee datacolationn unauthenticated attacker may potentially exploit this vulnerability 2021-11-30 5 — 
= 9 P to perform port scanning of internal networks and make HTTP Ca 
requests to an arbitrary domain of the attacker's choice. 
Dell EMC Streaming Data Platform versions before 1.3 contain a 
SQL Injection Vulnerability. A remote malicious user may 
dell -- potentially exploit this vulnerability to execute SQL commands to 2021-11-30 65 Cy E 2020o 
emc_streaming_data_platform i i PERR A MISC 
perform unauthorized actions and retrieve sensitive information 
from the database. 
Discourse is an open source discussion platform. In affected 
versions an attacker can poison the cache for anonymous (i.e. not 
discourse = discõursë logged in) users, such that the users are shown a JSON blob 2021-12-01 5 —— 
instead of the HTML page. This can lead to a partial denial-of- = Msc 
service. This issue is patched in the latest stable, beta and tests- e 
passed versions of Discourse. 
Discourse is an open source discussion platform. In affected CVE-2021-43793 
discourse = discoùürsë versions a vulnerability in the Polls feature allowed users to vote 2021-12-01 4 CONFIRM 
multiple times in a single-option poll. The problem is patched in MISC 
the latest tests-passed, beta and stable versions of Discourse MISC 
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Prima a : CVSS Source & Patch 
Vendor -- ATO Description Published | Score Info 
django-helpdesk_project -- django- ||django-helpdesk is vulnerable to Improper Neutralization of Input a 
helpdesk During Web Page Generation ('Cross-site Scripting’) ede t te) 2a MSG 
CONFIRM 
dzzoffice 2.02.1_SC_UTF8 is affected by a Cross Site Scripting CVE-2021-43673 
dzzoffice -- dzzoffice (XSS) vulnerability in explorerfile.php. The output of exit function 2021-12-03 4.3 Msc 
will be print for the user exit(json_encode($return)). —— 
In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client 
; : connecting with a large number of user-property properties could CVE-2021-41039 
eclipse — mosquitto cause eae CPU usage, leading ea ieee s 20217120] 5 CONFIRM 
and possible denial of service. 
Improper access control vulnerability in ELECOM LAN routers 
(WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A 
firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and 
prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2- 
W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and 
prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST CVE-2021-20861 
elecom -- wrc-1167gst2_firmware __||firmware v1.03 and prior, WRC-2533GST firmware v1.03 and 2021-12-01 5.8 MISC 
prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 MISC 
firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and 
prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC- 
2533GST2 firmware v1.25 and prior) allows a network-adjacent 
authenticated attacker to bypass access restriction and to access 
the management screen of the product via unspecified vectors. 
Cross-site request forgery (CSRF) vulnerability in ELECOM LAN 
routers (WRC-1167GST2 firmware v1.25 and prior, WRC- 
1167GSTZ2A firmware v1.25 and prior, WRC-1167GST2H firmware 
v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC- 
2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware 
v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC- CVE-2021-20860 
elecom -- wrc-1167gst2_firmware ||1900GST firmware v1.03 and prior, WRC-2533GST firmware 2021-12-01 6.8 MISC 
v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC- MISC 
2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware 
v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and 
EDWRC-2533GST2 firmware v1.25 and prior) allows a remote 
authenticated attacker to hijack the authentication of an 
administrator via a specially crafted page. 
ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior CVE-2021-20854 
: and WRH-733GWH firmware v1.02.9 and prior) allows a network- isen ~ 
elecom -- wrh-733gbk_firmware : r pate B 2021-12-01 52 MISC 
adjacent attacker with an administrator privilege to execute MISC 
arbitrary OS commands via unspecified vectors. ——— 
Buffer overflow vulnerability in ELECOM LAN routers (WRH- 
733GBK firmware v1.02.9 and prior and WRH-733GWH firmware CVE-2021-20852 
elecom -- wrh-733gbk_firmware v1.02.9 and prior) allows a network-adjacent attacker with an 2021-12-01 5.2 MISC 
administrator privilege to execute an arbitrary OS command via MISC 
unspecified vectors. 
ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior CVE-2021-20853 
elecom -- wrh-733gbk_firmware and WRH-733GWH firmware v1.02.9 and prior) allows a network- 2021-12-01 52 Msc = 
= adjacent attacker with an administrator privilege to execute m MISC 
arbitrary OS commands via unspecified vectors. -n 
; i CVE-2021-3964 
elgg -- elgg peaa ea to Authorization Bypass Through User- 2021-12-01 43 MISC 
y CONFIRM 
@joeattardi/emoji-button is a Vanilla JavaScript emoji picker 
emoji_button_project -- component. In affected versions there are two vectors for XSS eo agaea 
emoji_button attacks: a URL for a custom emoji, and an i18n string. In both of 2021-11-26 4.3 Msc 
= these cases, a value can be crafted such that it can insert a MISC 
script’ tag into the page and execute malicious code. a 
A vulnerability affecting F-Secure antivirus engine was discovered 
whereby unpacking UPX file can lead to denial-of-service. The CVE-2021-40833 
f-secure -- atlant vulnerability can be exploited remotely by an attacker. A 2021-11-26 4.3 MISC 
successful attack will result in denial-of-service of the antivirus MISC 
engine. 
CVE-2021-4015 
firefly-iii -- firefly_iii firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) 2021-12-01 4.3 MISC 
CONFIRM 
An unsafe search path vulnerability in FortiClientWindows 7.0.0, 
6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and CVE-2021-32592 
fortinet -- forticlient below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack || 2021-12-01 6.9 CONFIRM 
attack on affected devices via a malicious OpenSSL engine library (paar 
in the search path. 
In GNU Mailman before 2.1.38, a list member or moderator can 
gnu -- mailman get a CSRF token and craft an admin request (using that token) to || 2021-12-02 | 6.8 ——E 
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Primary oar A CVSS Source & Patch 
Vendor -- Product Description Published | Score Info 
pictshare v1.5 is affected by a Cross Site Scripting (XSS) CVE-2021-43683 
haschek -- pictshare vulnerability in api/info.php. The exit function will terminate the 2021-12-02 4.3 Msc .OOC~™S 
script and print the message which has $_ REQUEST[hash’. B 
HashiCorp Vault and Vault Enterprise 0.11.0 up to 1.7.5 and 1.8.4 
templated ACL policies would always match the first-created entity CVE-2021-43998 
hashicorp -- vault alias if multiple entity aliases exist for a specified entity and mount || 2021-11-30 6.4 Msc 
combination, potentially resulting in incorrect policy enforcement. e 
Fixed in Vault and Vault Enterprise 1.7.6, 1.8.5, and 1.9.0. 
Some Huawei products use the OpenHpi software for hardware 
management. A function that parses data returned by OpenHpi 
, > contains an out-of-bounds read vulnerability that could lead to a CVE-2021-39995 
huawei Gcns2B0xta mae denial of service. Affected product versions include: eCNS280_TD eons L MISC 
V100R005C10; eSE620X vESS V100R001C10SPC200, 
V100R001C20SPC200, V200R001C00SPC300. 
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local CVE-2021-38967 
ibm -- mq_appliance rivileged user to inject and execute malicious code. IBM X-Force || 2021-11-30 4.6 XF 
q_app p g J 
ID: 212441. CONFIRM 
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. 
ibri This vulnerability allows users to embed arbitrary JavaScript code CVE-2021-29849 
radar security infornmationnand evening Web yl thus altering the intended functionality potentially 2021-12-01 4.3 CONFIRM 
q = ya Land evig mgt Edentials disclosure within a trusted session. IBM X- XF 
Force ID: 205281. 
IBM QRadar SIEM 7.3 and 7.4 could allow an attacker to obtain 
ibm -- sensitive information due to the server performing key exchange 2021-12-01 43 coe 
qradar_security_information_and_evevithoidreagi#ty authentication on inter-host communications using B xe 
man in the middle techniques. IBM X-Force ID: 203033. = 
ibm -- IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected CVE-2021-20400 
radar secunty information: and. eve piggnagele algorithms that could allow an attacker to decrypt 2021-12-01 5 XF 
qradar_ y— and RAD WRftive information. IBM X-Force ID: 196074. CONFIRM 
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to server side request 
forgery (SSRF). This may allow an authenticated attacker to send 
ibm -- unauthorized requests from the system, potentially leading to CVE-2021-29863 
aa : : aes : i. 2021-12-01 4 XF 
qradar_security_information_and_eveæetwosnegameration or facilitating other attacks. This vulnerability CONFIRM 
is due to an incomplete fix for CVE-2020-4786. IBM X-Force ID: _ 
206087. 
This issue was discovered when the ipTIME C200 IP Camera was 
synchronized with the ipTIME NAS. It is necessary to extract value 
rare ; for ipTIME IP camera because the ipTIME NAS send ans CVE-2020-7879 
iptime -- c200_firmware setCookie('[COOKIE]') . The value is transferred to the -header | 2021-11-30 68 misc 
option in wget binary, and there is no validation check. This 
vulnerability allows remote attackers to execute remote command. 
i : BRP Pinkie 2.15 allows remote attackers to cause a denial of service CVE-2021-44428 
puiptime= pinkie (daemon crash) via a TFTP read (RRQ) request, aka opcode 1. PORA 5 MISC 
issabelPBX version 2.11 is affected by a Cross Site Scripting 
(XSS) vulnerability. In file page.backup_restore.php, the exit CVE-2021-43695 
issabel -- pbx function will terminate the script and print the message to the user.|| 2021-11-29 4.3 Msc = 
The message will contain $_REQUEST without sanitization, then —— 
there is a XSS vulnerability. 
An issue was discovered in Jamf Pro before 10.32.0, aka PI- e 
jamf -- jamf 009921. An account can be granted incorrect privileges in 2021-12-01 6.5 CONFIRM 
response to authentication that uses specific sign-on workflows. Msc 
The URL Shortify WordPress plugin before 1.5.1 does not have 
: CSRF check in place when bulk-deleting links or groups, which CVE-2021-24749 
kazencoders — url_shortify could allow attackers to make a logged in admin delete arbitrary re 43 MISC 
link and group via a CSRF attack. 
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently 
restrict the message destination, allowing any user to inspect and CVE-2021-44225 
keepalived -- keepalived manipulate any property. This leads to access-control bypass in 2021-11-26 5.5 MISC 
some situations in which an unrelated D-Bus system service has a MISC 
settable (writable) property 
e fie Se kimai2 is vulnerable to Improper Neutralization of Input During CVE-2021-3985 
kimai -- kimai2 peters ; a 2021-12-01 6 MISC 
Web Page Generation ('Cross-site Scripting') CONFIRM 
CVE-2021-3992 
kimai2_project -- kimai2 kimai2 is vulnerable to Improper Access Control 2021-12-01 4 CONFIRM 
MISC 
aor = ; CVE-2021-3983 
kimai2_project -- kimai2 kimai2 is vulnerable to Improper Neutralization of Input During 2021-12-01 43 MISC 
Web Page Generation ('Cross-site Scripting') CONFIRM 
librenme=libreninis Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) 2021-12-01 | 43 CVE-2021-44279 





MISC 
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Primary ore A CVSS Source & Patch 
Vendor -- Product Description Published | Score Info 
; i Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) 49. CVE-2021-44277 
librenms:=librenms vulnerability in includes/html/common/alert-log.inc.php. POAN 4.3 MISC 
Backstage is an open platform for building developer portals. In 
affected versions the auth-backend plugin allows a malicious actor 
to trick another user into visiting a vulnerable URL that executes 
an XSS attack. This attack can potentially allow the attacker to CVE-2021-43776 
linuxfoundation -- auth_backend exfiltrate access tokens or other secrets from the user's browser. 2021-11-26 4.3 CONFIRM 
The default CSP does prevent this attack, but it is expected that MISC 
some deployments have these policies disabled due to 
incompatibilities. This is vulnerability is patched in version `0.4.9` 
of ‘@backstage/plugin-auth-backend’. 
Mahavitaran android application 7.50 and prior transmit sensitive 
: ; information in URL parameters. This may lead to information CVE-2020-27414 
Mahadiscomis-mahavitaran disclosure if unauthorized parties have access to the URLs via eon te Oe 4.3 MISC 
server logs, referrer header, MITM or browser history. 
manage (last update Oct 24, 2017) is affected by a Cross Site 
Scripting (XSS) vulnerability in 
manage_project -- manage Application/Home/Controller/GoodsController.class.php. The exit 2021-12-01 4.3 oe 
function will terminate the script and print a message which have patos 
values from $_POST. 
The Email Before Download WordPress plugin before 6.8 does 
mandsconsulting -- not properly validate and escape the order and orderby GET 2021-11-29 6.5 CVE-2021-24748 
email_before_download parameters before using them in SQL statements, leading to aris MISC 
authenticated SQL injection issues 
The myCred WordPress plugin before 1.7.8 does not sanitise and CVE-2017-20008 
mycred -- mycred escape the user parameter before outputting it back in the Points 2021-11-29 4.3 MISC 
Log admin dashboard, leading to a Reflected Cross-Site Scripting CONFIRM 
The myCred WordPress plugin before 2.3 does not validate or CVE-2021-24755 
mycred -- mycred escape the fields parameter before using it in a SQL statement, 2021-11-29 6.5 Msc 
leading to an SQL injection exploitable by any authenticated user E 
nextcloud news-android is an Android client for the Nextcloud 
news/feed reader app. In affected versions the Nextcloud News 
for Android app has a security issue by which a malicious CVE-2021-41256 
EA application installed on the same device can send it an arbitrary saaie MISC 
Reaicloue SE MEWS Intent that gets reflected back, unintentionally giving read and AOAN ETERO 5.8 MISC 
write access to non-exported Content Providers in Nextcloud CONFIRM 
News for Android. Users should upgrade to version 0.9.9.63 or 
higher as soon as possible. 
The Ninja Forms Contact Form WordPress plugin before 3.6.4 CVE-2021-24889 
ninjaforms -- ninja_forms does not escape keys of the fields POST parameter, which could 2021-11-29 6:5 Msc 
allow high privilege users to perform SQL injections attacks E 
Nodebb is an open source Node.js based forum software. In 
affected versions a prototype pollution vulnerability in the uploader 
module allowed a malicious user to inject arbitrary data (i.e. CVE-2021-43787 
_ javascript) into the DOM, theoretically allowing for an account Prk MISC 
nodebb — nodebb takeover when used in conjunction with a path traversal 2021-11-29 43 MISC 
vulnerability disclosed at the same time as this report. The CONFIRM 
vulnerability has been patched as of v1.18.5. Users are advised to 
upgrade as soon as possible. 
Nodebb is an open source Node.js based forum software. Prior to 
v1.18.5, a path traversal vulnerability was present that allowed a 
nodebb -- nodebb users to access JSON files outside of the expected ‘languages/* 2021-11-29 4 CONFIRM 
directory. The vulnerability has been patched as of v1.18.5. Users Msc 
are advised to upgrade as soon as possible. Erri 
Nodebb is an open source Node.js based forum software. In 
affected versions incorrect logic present in the token verification ia uaa 
nodebb -- nodebb step unintentionally allowed master token access to the API. The 2021-11-29 5 Msc 
vulnerability has been patch as of v1.18.5. Users are advised to MISC 
upgrade as soon as possible. Press 
Cross-site scripting vulnerability in Wi-Fi STATION SH-52A 
ñttdocomo ate Station sh: (38JP_1_11G, 38JP_1_11J, 38JP_1_11K, 38JP_1_11L, CVE-2021-20847 
52a firmware = 38JP_1_26F, 38JP_1_26G, 38JP_1_26J, 38JP_2_03B, and 2021-12-01 4.3 MISC 
= 38JP_2_03C) allows a remote unauthenticated attacker to inject MISC 
an arbitrary script via WebUI of the device. 
nZEDb v0.4.20 is affected by a Cross Site Scripting (XSS) CVE-2021-43686 
nzedb_ project -- nzedb vulnerability in www/pages/api.php. The exit function will terminate|| 2021-12-02 4.3 nee ~ 


MISC 
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Primary ae A CVSS Source & Patch 
Vendor -- Product Description Published Score Info 
Insulet Omnipod Insulin Management System insulin pump 
product ID 19191 and 40160 is designed to communicate using a 
wireless RF with an Insulet manufactured Personal Diabetes 
omnibod=: Manager device. This wireless RF communication protocol does CVE-2020-10627 
Sla manademént systém firmwd 9t properly implement authentication or authorization. An 2021-12-01 4.8 MISC 
= 9 -Sy = attacker with access to one of the affected insulin pump models MISC 
may be able to modify and/or intercept data. This vulnerability 
could also allow attackers to change pump settings and control 
insulin delivery. 
A SQL injection vulnerability exists in version 8.0 of openSIS when 
; MySQL or MariaDB is used as the application database. An CVE-2021-41678 
os4ed — opensis attacker can then issue the SQL command through the 2021-11-30 6.8 MISC 
/opensis/modules/users/Staff.php, staff{TITLE] parameter. 
A SQL injection vulnerability exists in version 8.0 of openSIS when 
> MySQL or MariaDB is used as the application database. An CVE-2021-41677 
osded apenas attacker can then issue the SQL command through the anal ae L MISC 
/opensis/functions/GetStuListFnc.php &Grade= parameter. 
A SQL injection vulnerability exists in version 8.0 of openSIS when 
: MySQL or MariaDB is used as the application database. An CVE-2021-41679 
os4ed -- opensis attacker can then issue the SQL command through the Oe Ile30 6.8 MISC 
/opensis/modules/grades/InputFinalGrades.php, period parameter. 
In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x 
below 8.0.13, certain XML parsing functions, like 
simplexml_load_file(), URL-decode the filename passed to them. CVE-2021-21707 
php -- php If that filename contains URL-encoded NUL character, this may 2021-11-29 5 Mee 
cause the function to interpret this as the end of the filename, thus Ron 
interpreting the filename differently from what the user intended, 
which may lead it to reading a different file than intended. 
phpWhois (last update Jun 30 2021) is affected by a Cross Site 
Scripting (XSS) vulnerability. In file example.php, the exit function CVE-2021-43698 
phpwhois_project -- phpwhois will terminate the script and print the message to the user. The 2021-11-29 4.3 Msc 
message will contain $_GET['query'] then there is a XSS lemurs 
vulnerability. 
Vulnerability in dirhistory plugin Description: the widgets that go 
back and forward in the directory history, triggered by pressing Alt- 
Left and Alt-Right, use functions that unsafely execute eval on CVE-2021-3725 
planetargon -- oh_my_zsh directory names. If you cd into a directory with a carefully-crafted 2021-11-30 6.8 Msc 
name, then press Alt-Left, the system is subject to command S 
injection. Impacted areas: - Functions pop_past and pop_future in 
dirhistory plugin. 
PortSwigger Burp Suite Enterprise Edition before 2021.11 on 
Windows has weak file permissions for the embedded H2 
database, which might lead to privilege escalation. This issue can CVE-2021-44230 
portswigger -- burp_suite be exploited by an adversary who has already compromised a 2021-11-30 4 Msc 
valid Windows account on the server via separate means. In this e 
scenario, the compromised account may have inherited read 
access to sensitive configuration, database, and log files. 
An improper authentication vulnerability has been reported to 
affect QNAP device, VioStor. If exploited, this vulnerability allows CVE-2021-38686 
qnap -- qvr attackers to compromise the security of the system. We have 2021-11-26 6.8 CONFIRM 
already fixed this vulnerability in the following versions of QVR: U 
QVR FW 5.1.6 build 20211109 and later 
The Registrations for the Events Calendar WordPress plugin 
a ihe: eventscalend before 2.7.5 does not escape the v parameter before outputting it || 2021-11-29 4.3 rr NE 
9 =T = fBack in an attribute, leading to a Reflected Cross-Site Scripting S 
S3Scanner before 2.0.2 allows Directory Traversal via a crafted C 
s3scanner_project -- s3scanner bucket, as demonstrated by a <Key>../ substring in a 2021-11-29 5 MISC 
ListBucketResult element. ier 
MISC 
CVE-2021-3989 
showdoc -- showdoc showdoc is vulnerable to URL Redirection to Untrusted Site 2021-12-01 5.8 MISC 
CONFIRM 
CVE-2021-3993 
showdoc -- showdoc showdoc is vulnerable to Cross-Site Request Forgery (CSRF) 2021-12-01 4.3 CONFIRM 
MISC 
: ‘ CVE-2021-3990 
showdoc=showdot showdoc is vulnerable to Use of Cryptographically Weak Pseudo- 2021-12-01 43 MISC 
Random Number Generator (PRNG) SARI 
CONFIRM 
CVE-2021-4017 
showdoc -- showdoc showdoc is vulnerable to Cross-Site Request Forgery (CSRF) 2021-12-01 6.8 CONFIRM 
MISC 
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youtube-php-mirroring 











Cross Site Scripting (XSS) vulnerability in file ytproxy/index.php. 














MISC 


Primary ane A CVSS Source & Patch 
Vendor -- Product Desciiption Published | Score Info 
An authenticated user could potentially execute code via an SQLi 
sophos -- iens ; EPE CVE-2021-36807 
unified_threat_management_up2da oes in the user portal of SG UTM before version 9.708 2021-11-26 | 6.5 CONFIRM 
The Stetic WordPress plugin is vulnerable to Cross-Site Request 
Forgery due to missing nonce validation via the stats_page CVE-2021-42364 
stetic -- stetic function found in the ~/stetic.php file, which made it possible for 2021-11-29 6.8 MISC 
attackers to inject arbitrary web scripts in versions up to, and MISC 
including 1.0.6. 
Taocms v2.5Betad was discovered to contain a blind SQL CVE-2021-25783 
leegege =tacems injection vulnerability via the function Article Search. evel eee | 8.5 MISC 
Taocms v2.5Betad was discovered to contain a blind SQL CVE-2021-25784 
taogoge -- taocms injection vulnerability via the function Edit Article. 20211202 | 65 [MISC 
thinkphp-bjyblog (last update Jun 4 2021) is affected by a Cross 
: : : Site Scripting (XSS) vulnerability in 
thinkphp-bjyblog_project ~ AdminBaseController.class.php. The exit function will terminate 2021-12-02 4.3 — 
pnp-9Jybiog the script and print the message to the user which has UAD 
$_SERVER['HTTP_HOST'J. 
Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable 
to an improper access control privilege escalation vulnerability that 
could allow an attacker to establish a connection that could lead to CVE-2021-43771 
trendmicro -- antivirus full local privilege escalation within the application. Please note 2021-11-30 4.6 MISC 
that an attacker must first obtain the ability to execute low- MISC 
privileged code on the target system in order to exploit this 
vulnerability. 
twmap v2.91_v4.33 is affected by a Cross Site Scripting (XSS) 
: vulnerability. In file list.php, the exit function will terminate the CVE-2021-43696 
twmap project- twmap script and print the message to the user. The message will contain mete? 43 MISC 
$_REQUEST then there is a XSS vulnerability. 
A vulnerability found in udisks2. This flaw allows an attacker to CVE-2021-3802 
udisks_project -- udisks input a specially crafted image file/USB leading to kernel panic. 2021-11-29 6.3 MISC 
The highest threat from this vulnerability is to system availability. MISC 
Serva 4.4.0 allows remote attackers to cause a denial of service CVE-2021-44429 
vercot -- serva (daemon crash) via a TFTP read (RRQ) request, aka opcode 1, a || 2021-11-29 5 aK“ ~ 
related issue to CVE-2013-0145. -< 
CVE-2021-4019 
: a MISC 
vim -- vim vim is vulnerable to Heap-based Buffer Overflow 2021-12-01 6.8 CONFIRM 
FEDORA 
CVE-2021-3984 
vim -- vim vim is vulnerable to Heap-based Buffer Overflow 2021-12-01 6.8 MISC 
CONFIRM 
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the 
vmware -- Spring AMQP Message object, in its toString() method, will create 2021-11-30 4 CVE-2021-22095 
spring_advanced_message_queuingapretoGiting object from the message body, regardless of its size. rs MISC 
This can cause an OOM Error with a large message 
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows CVE-2021-38283 
wipro -- holmes remote attackers to read application log files containing sensitive 2021-11-29 5 MISC 
information via a predictable /log URI. MISC 
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows 
remote attackers to download arbitrary files, such as reports 
containing sensitive information, because authentication is not 
required for API access to CVE-2021-38147 
wipro -- holmes processexecution/DownloadExcelFile/Domain_Credential_Report_|Fx2@21-11-29 5 MISC 
processexecution/DownloadExcelFile/User_Report_Excel, MISC 
processexecution/DownloadExcelFile/Process_Report_Excel, 
processexecution/DownloadExcelFile/Infrastructure_Report_Excel| 
or processexecution/DownloadExcelFile/Resolver_Report_Excel. 
Workerman-ThinkPHP-Redis (last update Mar 16, 2018) is 
affected by a Cross Site Scripting (XSS) vulnerability. In file 
workerman-thinkphp-redis_project - ||Controller.class.php, the exit function will terminate the script and 2021-11-29 43 CVE-2021-43697 
- workerman-thinkphp-redis print the message to the user. The message will contain — MISC 
$_GET{C('VAR_JSONP_HANDLER’)] then there is a XSS 
vulnerability. 
wp-events-olüdiñi-: The Events Manager WordPress plugin before 5.9.8 does not CVE-2020-35037 
er ente pal aa sanitise and escape some search parameter before outputing 2021-12-01 4.3 CONFIRM 
= 9 them in pages, which could lead to Cross-Site Scripting issues MISC 
Wo-events-blüain:-: The Events Manager WordPress plugin before 5.9.8 does not CVE-2020-35012 
E a T sanitise and escape a parameter before using it in a SQL 2021-12-01 65 CONFIRM 
= 9 statement, leading to an SQL Injection MISC 
youtubephpmirroring_project -- youtube-php-mirroring (last update Jun 9, 2017) is affected by a 2021-11-29 | 43 CVE-2021-43692 
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holds, resulting in leaking arbitrary heap data. The root cause can 
be found in the function service_attr_req of sdpd-request.c. The 
server does not check whether the CSTATE data is the same in 


CONFIRM 


Primary ae A CVSS Source & Patch 
Vendor -- Product Description Published | Score Info 
YurunProxy v0.01 is affected by a Cross Site Scripting (XSS) 
: vulnerability in src/Client.php. The exit function will terminate the CVE-2021-43690 
yurunproxy_project -- yurunproxy ||Script and print a message which have values from the 20212120] 4.3 MISC 
socket_read. 
Z-BlogPHP v1.6.1.2100 was discovered to contain an arbitrary file CVE-2020-29177 
zblogen — 2-blogphp deletion vulnerability via \app_del.php. evel ete | 6.4 misc 
SakuraPanel v1.0.1.1 is affected by a Cross Site Scripting (XSS) CVE-2021-43681 
zerodream -- sakurapanel vulnerability in /master/core/PostHandler.php. The exit function will} 2021-12-02 4.3 MSC .OCS™S 
terminate the script and print the message $datal['proxy_name’). = 
zohocorp -- Zoho ManageEngine SupportCenter Plus before 11016 is CVE-2021-43296 
, : ; 2021-11-30 5 MISC 
manageengine_supportcenter_plus ||vulnerable to an SSRF attack in ActionExecutor. CONEIRM 
zohocorp -- Zoho ManageEngine SupportCenter Plus before 11016 is ——— 
F : 2021-11-30 4.3 MISC 
manageengine_supportcenter_plus |\vulnerable to Reflected XSS in the Products module. CONEIRM 
zohocorp -- Zoho ManageEngine SupportCenter Plus before 11016 is 2021-11-30 43 ao 
manageengine_supportcenter_plus |/vulnerable to Reflected XSS in the Accounts module. = MISC 
ZrLog 2.2.2 has a remote command execution vulnerability at CVE-2021-44094 
zriog -- zrlog plugin download function, it could execute any JAR file scoala ae | 5.8 MISC 
Zulip is an open source group chat application that combines real- 
time chat with threaded conversations. In affected versions 
expiration dates on the confirmation objects associated with email 
invitations were not enforced properly in the new account 
registration flow. A confirmation link takes a user to the 
zulj = Zuli check_prereg_key_and_redirect endpoint, before getting 2021-12-02 5 aoe ae 
p P redirected to POST to /accounts/register/. The problem was that = Msc 
validation was happening in the check_prereg_key_and_redirect pe 
part and not in /accounts/register/ - meaning that one could submit 
an expired confirmation key and be able to register. The issue is 
fixed in Zulip 4.8. There are no known workarounds and users are 
advised to upgrade as soon as possible. 
Back to top 
Low Vulnerabilities 
Primary er : CVSS Source & Patch 
Vendor -- Product Description Published | Score Info 
DLL hijacking could lead to denial of service. The following 
ae products are affected: Acronis Cyber Protect 15 (Windows) before Pre CVE-2021-44199 
acronis: = agent build 28035, Acronis Agent (Windows) before build 27305, Acronis| 2021-11-29 19 misc 
Cyber Protect Home Office (Windows) before build 39612 
Stored cross-site scripting (XSS) was possible in protection plan CVE-2021-44203 
acronis -- cyber_protect details. The following products are affected: Acronis Cyber Protect|| 2021-11-29 3.5 Mic #82) 
15 (Windows, Linux) before build 28035 S 
Stored cross-site scripting (XSS) was possible in activity details. CVE-2021-44202 
acronis -- cyber_protect The following products are affected: Acronis Cyber Protect 15 2021-11-29 32.5 Msc = 
(Windows, Linux) before build 28035 me 
Self cross-site scripting (XSS) was possible on devices page. The CVE-2021-44200 
acronis -- cyber_protect following products are affected: Acronis Cyber Protect 15 2021-11-29 ap. Msc — 
(Windows, Linux) before build 28035 —— 
The Asgaros Forums WordPress plugin is vulnerable to Stored 
Cross-Site Scripting due to insufficient escaping via the name 
parameter found in the ~/admin/tables/admin-structure-table.php T y 
file which allowed attackers with administrative user access to CVE-2021-42365 
asgaros -- asgaros_forum ae ; : : > z - 2021-11-29 al MISC 
inject arbitrary web scripts, in versions up to and including MISC 
1.15.13. This affects multi-site installations where unfiltered_html —— 
is disabled for administrators, and sites where unfiltered_html is 
disabled. 
An issue was discovered in bluetoothd in BlueZ through 5.48. The 
vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP 
implementation. By crafting a malicious CSTATE, it is possible to CVE-2019-8921 
bluez -- bluez trick the server into returning more bytes than the buffer actually 2021-11-29 33 Msc 











consecutive requests, and instead simply trusts that it is the same. 
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Info 





businessdnasolutions -- topease 


Persistent Cross Site Scripting in Web Applications operating on 


Business-DNA Solutions GmbHa€™s TopEaseA® Platform 
Version <= 7.1.27 via the Structure Component allows an 
authenticated remote attacker with Object Modification privileges 
to inject arbitrary HTML and JavaScript code in an object attribute, 
which is then rendered in the Structure Component, to alter the 
intended functionality and steal cookies, the latter allowing for 
account takeover. 


2021-11-30 


CVE-2021-42118 
CONFIRM 








businessdnasolutions -- topease 


Persistent Cross Site Scripting in Web Applications operating on 
Business-DNA Solutions GmbHa€™s TopEaseA® Platform 
Version <= 7.1.27 via the Search Functionality allows 
authenticated users with Object Modification privileges to inject 
arbitrary HTML and JavaScript in object attributes, which is then 
rendered in the Search Functionality, to alter the intended 
functionality and steal cookies, the latter allowing for account 
takeover. 


2021-11-30 


CVE-2021-42119 
CONFIRM 





chads -- clickbank_affiliate_ads 


The ClickBank Affiliate Ads WordPress plugin through 1.20 does 


not escape its settings, allowing high privilege users to perform 
Cross-Site Scripting attacks even when the unfiltered_html is 
disallowed. 


2021-12-02 


CVE-2015-20106 
MISC 








craftercms -- crafter_cms 


Authenticated users with Site roles may inject XSS scripts via file 
names that will execute in the browser for this and other users of 
the same site. 


2021-12-02 


CVE-2021-23260 
MISC 








discourse -- discourse 


Discourse is an open source discussion platform. In affected 
versions a vulnerability affects users of tag groups who use the 
"Tags are visible only to the following groups" feature. A tag group 
may only allow a certain group (e.g. staff) to view certain tags. 
Users who were tracking or watching the tags via 
/preferences/tags, then have their staff status revoked will still see 
notifications related to the tag, but will not see the tag on each 
topic. This issue has been patched in stable version 2.7.11. Users 
are advised to upgrade as soon as possible. 


2021-12-01 


CVE-2021-43792 
MISC 

CONFIRM 

MISC 








elecom -- wrc-1167gst2_ firmware 


Improper access control vulnerability in ELECOM routers (WRC- 
1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware 
v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, 
WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W 
firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, 
WRC-1750GSV firmware v2.11 and prior, WRC-1900GST 
firmware v1.03 and prior, WRC-2533GST firmware v1.03 and 
prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 
firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and 
prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC- 
2533GST2 firmware v1.25 and prior) allows a network-adjacent 
unauthenticated attacker to bypass access restriction, and to 
obtain anti-CSRF tokens and change the product's settings via 
unspecified vectors. 


2021-12-01 


CVE-2021-20862 
MISC 
MISC 





elecom -- wrc-2533ghbk-i_ firmware 


Cross-site scripting vulnerability in ELECOM LAN router WRC- 


2533GHBK-I firmware v1.20 and prior allows a remote 
authenticated attacker to inject an arbitrary script via unspecified 
vectors. 


2021-12-01 


CVE-2021-20857 


MISC 
MISC 








elecom -- wrc-2533ghbk-i_firmware 


Cross-site scripting vulnerability in ELECOM LAN router WRC- 
2533GHBK-I firmware v1.20 and prior allows a remote 
authenticated attacker to inject an arbitrary script via unspecified 
vectors. 


2021-12-01 


CVE-2021-20858 
MISC 
MISC 





elecom -- wrh-733gbk_firmware 


Cross-site scripting vulnerability in ELECOM LAN routers (WRH- 


733GBK firmware v1.02.9 and prior and WRH-733GWH firmware 
v1.02.9 and prior) allows a remote authenticated attacker to inject 
an arbitrary script via unspecified vectors. 


2021-12-01 


CVE-2021-20855 


MISC 
MISC 








elecom -- wrh-733gbk_firmware 


Cross-site scripting vulnerability in ELECOM LAN routers (WRH- 

733GBK firmware v1.02.9 and prior and WRH-733GWH firmware 
v1.02.9 and prior) allows a remote authenticated attacker to inject 
an arbitrary script via unspecified vectors. 


2021-12-01 


CVE-2021-20856 
MISC 
MISC 





essentialplugin -- popup_anything 


The Popup Anything WordPress plugin before 2.0.4 does not 


escape the Link Text and Button Text fields of Popup, which could 
allow users with a role as low as Contributor to perform Cross-Site 
Scripting attacks 


2021-11-29 


CVE-2021-24883 


MISC 
CONFIRM 
MISC 








generateblocks -- generateblocks 


The GenerateBlocks WordPress plugin before 1.4.0 does not 
validate the generateblocks/container block's tagName attribute, 
which could allow users with a role as low as contributor to 
perform Cross-Site Scripting attacks. 


2021-11-29 


CVE-2021-24751 
MISC 





getawesomesupport -- 
awesome_support 








Multiple Authenticated Reflected Cross-Site Scripting (XSS) 


vulnerabilities in WordPress Awesome Support plugin (versions 





<= 6.0.6), vulnerable parameters (&id, &assignee). 








2021-11-26 








CVE-2021-36919 


MISC 





CONFIRM 
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Primary oar A CVSS Source & Patch 
Vendor -- Product Description Publisned Score Info 
An issue was discovered on Victure WR1200 devices through 
1.0.3. The default Wi-Fi WPA2 key is advertised to anyone within 
Wi-Fi range through the router's MAC address. The device default CVE-2021-43282 
govicture -- wr1200_firmware Wi-Fi password corresponds to the last 4 bytes of the MAC 2021-11-30 3.3 MISC 
address of its 2.4 GHz network interface controller (NIC). An MISC 
attacker within scanning range of the Wi-Fi network can thus scan 
for Wi-Fi networks to obtain the default key. 
Hexo versions 0.0.1 to 5.4.0 are vulnerable against stored XSS. 
helo hexo The post “body” and “tags” don’t sanitize malicious javascript 2021-11-30 19 ae e 
during web page generation. Local unprivileged attacker can inject S MISC 
arbitrary code. a 
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local CVE-2021-39000 
ibm -- mq_appliance attacker to obtain sensitive information by inclusion of sensitive 2021-11-30 ZA CONFIRM 
data within diagnostics. IBM X-Force ID: 213215. XE 
IBM MQ Appliance 9.2 CD and 9.2 LTS is affected by a denial of CVE-2021-38958 
ibm -- mq_appliance service attack caused by a concurrency issue. IBM X-Force ID: 2021-11-30 2 CONFIRM 
212042 XF 
‘ ; Pa CVE-2021-38999 
ibm -- mq_appliance IBM MQ Appliance could allow a local attacker to obtain sensitive 2021-11-30 24 XF 
information by inclusion of sensitive data within trace. 
CONFIRM 
The Media-Tags WordPress plugin through 3.2.0.2 does not 
media-tags_project -- media-tags sanitise and escape any of its Labels settings, which could allow 2021-11-29 CVE-2021-24899 


high privilege users to perform Cross-Site Scripting attacks even 
when the unfiltered_htnl capability is disallowed. 


Is 
jen 


MISC 





meetecho -- janus 


janus-gateway is vulnerable to Improper Neutralization of Input 
During Web Page Generation ('Cross-site Scripting’) 


2021-11-27 


CVE-2021-4020 


CONFIRM 
MISC 





my_calendar_project -- 
my_calendar 


The My Calendar WordPress plugin before 3.2.18 does not 


sanitise and escape the callback parameter of the 
mc_post_lookup AJAX action (available to any authenticated user) 
before outputting it back in the response, leading to a Reflected 
Cross-Site Scripting issue 


2021-11-29 


CVE-2021-24927 
MISC 





nxp -- kinetis_k82_firmware 


NXP Kinetis K82 devices have a buffer over-read via a crafted 


wlength value in a GET Status-Other request during use of USB 
In-System Programming (ISP) mode. This discloses protected 
flash memory. 


2021-12-01 


Bog 


CVE-2021-44479 


MISC 
MISC 








In CKAN, versions 2.9.0 to 2.9.3 are affected by a stored XSS 
vulnerability via SVG file upload of users’ profile picture. This 


ie 
len 


CVE-2021-25967 








okfn -- ckan allows low privileged application users to store malicious scripts in || 2021-12-01 MISC 
their profile picture. These scripts are executed in a victim’s S 
browser when they open the malicious profile picture 
The Shop Page WP WordPress plugin before 1.2.8 does not 
shoppagewp -- shop_page_wp sanitise and escape some of the Product fields, allowing high 2021-11-29 CVE-2021-24811 


privilege users to perform Cross-Site Scripting attacks even when 
the unfiltered_html capability is disallowed. 


Is 
lon 


MISC 





smashballoon -- 
smash_balloon_social_post_feed 


The Smash Balloon Social Post Feed WordPress plugin before 


4.0.1 did not have any privilege or nonce validation before saving 
the plugin's setting. As a result, any logged-in user on a vulnerable 
site could update the settings and store rogue JavaScript on each 
of its posts and pages. 


2021-11-29 


CVE-2021-24918 
MISC 
MISC 





snipeitapp -- snipe-it 


snipe-it is vulnerable to Improper Neutralization of Input During 
Web Page Generation ('Cross-site Scripting’) 


2021-12-01 


CVE-2021-4018 


CONFIRM 
MISC 





sophos -- exploit_prevention 


A local administrator could prevent the HMPA service from starting 


despite tamper protection using an unquoted service path 
vulnerability in the HMPA component of Sophos Intercept X 
Advanced and Sophos Intercept X Advanced for Server before 
version 2.0.23, as well as Sophos Exploit Prevention before 
version 3.8.3. 


2021-11-26 


Ecc 


CVE-2021-25269 
CONFIRM 








stylishcostcalculator -- 


The Stylish Cost Calculator WordPress plugin before 7.0.4 does 
not have any authorisation and CSRF checks on some of its AJAX 
actions (available to authenticated users), which could allow any 


CVE-2021-24822 








stylish cost -calculator authenticated users, such as subscriber to call them, and perform || 2021-11-29 Re MISC 
yish cosi Stored Cross-Site Scripting attacks against logged in admin, as pa 
well as frontend users due to the lack of sanitisation and escaping 
in some parameters 
taogogo -- taocms Taocms v2.5Betad was discovered to contain a cross-site scripting 2021-12-02 | 3.5 CVE-2021-25785 


(XSS) vulnerability via the component Management column. 


MISC 








wpchill -- check_ amp;_log_ email 





The Check & Log Email WordPress plugin before 1.0.4 does not 


escape the d parameter before outputting it back in an attribute, 





leading to a Reflected Cross-Site Scripting 








2021-11-29 








CVE-2021-24908 


MISC 
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The About Author Box WordPress plugin before 1.0.2 does not 
sanitise and escape the Social Profiles field values before 
outputting them in attributes, which could allow user with a role as 
low as contributor to perform Cross-Site Scripting attacks. 


The WP RSS Aggregator WordPress plugin before 4.19.2 does 
not properly sanitise and escape the URL to Blacklist field, 
allowing malicious HTML to be inserted by high privilege users 2021-11-29 35 
even when the unfiltered_html capability is disallowed, which 
could lead to Cross-Site Scripting issues. 


CVE-2021-24745 


2021-11-29 3.5 MISC 


wpkube -- about_author_box 








wprssaggregator -- 
wp_rss_aggregator 


CVE-2021-24768 
MISC 
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Armeria is an open source microservice framework. In affected 
versions an attacker can access an Armeria server's local file 
system beyond its restricted directory by sending an HTTP 


request whose path contains *%2F* (encoded `^), such as CVE-2021-43795 
































Buffer overflow vulnerability in function SetFirewall in index.cgi in 


circutor -- compact_dc-s_basic CIRCUTOR COMPACT DC-S BASIC smart metering concentrator not yet |CVE-2021-26777 








amenacsarmena ‘/files/..%2Fsecrets.txt’, bypassing Armeria's path validation logic. || 2021-12-02 ha ae ee 
Armeria 1.13.4 or above contains the hardened path validation eaters CONFIRM 
logic that handles `%2F` properly. This vulnerability can be worked _———— 
around by inserting a decorator that performs an additional 
validation on the request path. 
CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL CVE-2021-44050 
broadcom -- network_flow_analysis ||injection vulnerability in the NFA web application, due to 2021-12-02 not yet Msc 
insufficient input validation, that could potentially allow an calculated FULLDISC 
authenticated user to access sensitive data. er 
CVE-2021-35414 
MISC 
2 MISC 
cnamilo ims Chamilo LMS v1.11.x was discovered to contain a SQL injection 2021-12-03 not yet MISC 
via the doc parameter in main/plagiarism/compilatio/upload.php. calculated |MISC 
MISC 
MISC 
MISC 
A remote code execution (RCE) vulnerability in — 
chamilo -- Ims course_intro_pdf_import.php of Chamilo LMS v1.11.x allows 2021-12-03 not yet MISC 
authenticated attackers to execute arbitrary code via a crafted calculated MISC 
-htaccess file. MISC 
CVE-2021-35415 
MISC 
MISC 
ehamilo came A stored cross-site scripting (XSS) vulnerability allows attackers to not yet MISC 
execute arbitrary web scripts or HTML via a crafted payload in the || 2021-12-03 calculated MISC 
course "Title" and "Content" fields. MISC 
MISC 
MISC 
MISC 


























Firwmare version CIR_CDC_v1.2.17, allows attackers to execute 0A IETA0 calculated ||MISC 
arbitrary code. 
An issue was discovered in the eGeeTouch 3rd Generation Travel 
Padlock application for Android. The lock sends a pairing code 
egee_touch -- before each operation (lock or unlock) activated via the 
= . companion app. The code is sent unencrypted, allowing any 49. not yet |CVE-2021-44518 
Prd generation. trâvél padlock attacker with the same app (either Android or iOS) to add the lock 202171202 calculated ||MISC 
and take complete control. For successful exploitation, the 
attacker must be able to touch the lock's power button, and must 
be able to capture BLE network communication. 
elgg -- elgg elgg is vulnerable to Exposure of Private Personal Information to 2021-12-03 not yet -OT 
an Unauthorized Actor calculated CONFIRM 
, P 2 CVE-2021-4005 
eel firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) 2021-12-04 || Notyet CONFIRM 
calculated MISC 
An insufficient session expiration vulnerability exists in Business- 
gmbh -- topease_platform DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27, 2021-11-30 not yet |CVE-2021-42545 
which allows a remote attacker to reuse, spoof, or steal other user calculated |CONFIRM 





























and admin sessions. 
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vulnerabilities leads to account takeover. 

















Primary ae z CVSS Source & Patch 
Vendor -- Product Description Published Score Info 
: HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 
beng ae nomad entersnse 1.2.0, with the QEMU task driver enabled, allowed authenticated 2021-12-03 not yet vie n 
Rh = p users with job submission capabilities to bypass the configured calculated MISC 
allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1. Ea 
Weak Password Requirements vulnerability in Hitachi Energy 
hitachi enéroy foxerx FOX61x, XCM20 allows an attacker to gain unauthorized access notyet CVE-2021-40333 
9y— to the Data Communication Network (DCN) routing configuration. || 2021-12-02 Serie CONFIRM 
This issue affects: Hitachi Energy FOX61x versions prior to R15A. CONFIRM 
Hitachi Energy XCM20 versions prior to R15A. 
Missing Handler vulnerability in the proprietary management 
protocol (port TCP 5558) of Hitachi Energy FOX61x, XCM20 
‘ ; allows an attacker that exploits the vulnerability by activating SSH CVE-2021-40334 
hitachi — energy_fox61x on port TCP 5558 to cause disruption to the NMS and NE 2021-12-02 || Tor vel | |CONFIRM 
communication. This issue affects: Hitachi Energy FOX61x CONFIRM 
versions prior to R15A. Hitachi Energy XCM20 versions prior to 
R15A. 
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site 
request forgery (CSRF) in the My Inbox page which could allow an nótvet CVE-2021-29756 
ibm -- cognos_analytics attacker to execute malicious and unauthorized actions 2021-12-03 acitd CONFIRM 
transmitted from a user that the website trusts. IBM X-Force ID: XF 
202167. 
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low level not vet CVE-2021-29716 
ibm -- cognos_analytics user to reas of the application that privileged user should only be 2021-12-03 calculated CONFIRM 
allowed to view. IBM X-Force ID: 201087. XF 
IBM Cognos Analytics 11.1.7 and 11.2.0 does not require that CVE-2021-20470 
ibm -- cognos_analytics users should have strong passwords by default, which makes it 2021-12-03 not yet xE 
easier for attackers to compromise user accounts. IBM X-Force calculated |/~- 
: CONFIRM 
ID: 196339. 
bmi- coanos analytics IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an hot vet CVE-2021-29867 
gnos_ y authenticated to view or edit a Jupyter notebook that they should 2021-12-03 cid CONFIRM 
not have access to. IBM X-Force ID: 206212. XF 
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site 
A ; scripting. This vulnerability allows users to embed arbitrary CVE-2021-38909 
ibm — cognos_analytics JavaScript code in the Web UI thus altering the intended 2021-12-03 || _notyet |CONFIRM 
: : : : $ : re calculated 
functionality potentially leading to credentials disclosure within a XE 
trusted session. IBM X-Force ID: 209706. 
iom<codhos. analytics IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to fot vet CVE-2021-29719 
gnos_ y client side vulnerabilties due to a web response specifying an 2021-12-03 Pelee CONFIRM 
incorrect content type. IBM X-Force ID: 201091 XF 
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site 
ibm- codnos analytics scripting. This vulnerability allows users to embed arbitrary not vet CVE-2021-20493 
gnos_; y JavaScript code in the Web UI thus altering the intended 2021-12-03 esieasied XF 
functionality potentially leading to credentials disclosure within a CONFIRM 
trusted session. IBM X-Force ID: 197794. 
The Kentico Xperience CMS version 13.0 — 13.0.43 is vulnerable 
to a persistent Cross-Site Scripting (XSS) vulnerability (also 
known as Stored or Second-Order XSS). Persistent XSS 
Vulnerabilities occur when the application stores and retrieves 
ae : client supplied data without proper handling of dangerous content. T P 
Reno > xperience This type of XSS vulnerability is exploited by submitting malicious || 2021-12-03 || TOLyet v1 carn 
script content to the application which is then retrieved and ao 
executed by other application users. The attacker could exploit 
this to conduct a range of attacks against users of the affected 
application such as session hijacking, account take over and 
accessing sensitive data. 
libredwg -- libredwg LibreDWG v0.12.3 was discovered to contain a NULL pointer 2021-12-02 not yet |CVE-2021-28236 
dereference via out_dxfb.c. calculated |MISC 
libredwg -- libredwg LibreDWG v0.12.3 was discovered to contain a heap-buffer 2021-12-02 not yet CVE-2021-28237 
overflow via decode_preR13. calculated ||MISC 
librenms -- librenms Librenms 21.11.0 is affected by a path manipulation vulnerability in 2021-12-03 not yet ||CVE-2021-44278 
includes/html/pages/device/showconfig.inc.php. calculated ||MISC 
matyhft -- matyhtf matyhtf framework v3.0.5 is affected by a path manipulation 2021-12-03 not yet |CVE-2021-43676 
vulnerability in Smarty.class.php. calculated |MISC 
NXP LPC55S69 devices before A3 have a buffer over-read via a CVE-2021-40154 
nxp -- Ilpc55s69_devices crafted wlength value in a GET Descriptor Configuration request 2021-12-01 not yet Msc 
during use of USB In-System Programming (ISP) mode. This calculated |h ren 
: MISC 
discloses protected flash memory. 
hparunkuli= Cross-Site Scripting (XSS) and Cross-Site Request Forgery 
Ppa Aes eas (CSRF) vulnerability exits in hostel management system 2.1 via || 5954.45.91 | notyet |CVE-2021-43137 
= 9 SY the name field in my-profile.php. Chaining to this both calculated |MISC 
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Primary oe P CVSS Source & Patch 
Vendor -- Product Description Published Score Info 
CVE-2021-23562 
CONFIRM 
jupload <= pluplóád This affects the package plupload before 2.3.9. A file name natvet CONFIRM 
pre pup containing JavaScript code could be uploaded and run. An 2021-12-03 || dicubted (CONEIRM 
attacker would need to trick a user to upload this kind of file. CONFIRM 
CONFIRM 
CONFIRM 
All versions of package ajaxpro.2 are vulnerable to Deserialization CVE-2021-23758 
plupload -- plupload of Untrusted Data due to the possibility of deserialization of 2021-12-03 not yet CONFIRM 
arbitrary .NET classes, which can be abused to gain remote code calculated || S anieionas 
: CONFIRM 
execution. 
An issue was discovered on Renesas RX65 and RX65N devices. 
renesas -- rx65_and_rx65n_devices||With a VCC glitch, an attacker can extract the security ID key from || 2021-12-02 nate! | eee eee 
: é calculated |MISC 
the device. Then, the protected firmware can be extracted. 
CVE-2021-4000 
Showdoc = showdoe showdoc is vulnerable to URL Redirection to Untrusted Site 2021-12-03 || _notyet CONFIRM 
calculated MISC 
: A Stack-based Buffer Overflow vinerability exists in the Tenda 
tenda=~a¢19 -devices AC15 V15.03.05.18_multi device via the list parameter ina post || 2021-12-03 || Notyet |CVE-2021-44352 
: K calculated ||MISC 
request in goform/SetlpMacBind. 
thinkup -- thinkup ** UNSUPPORTED WHEN ASSIGNED ** ThinkUp 2.0-beta.10 is 2021-12-03 not yet ||CVE-2021-43674 
affected by a path manipulation vulnerability in Smarty.class.php. calculated ||MISC 
A reachable assertion vulnerability in Trend Micro Apex One could 
À allow an attacker to crash the program on affected installations, 
trend_micro -- apex_one leading to a denial-of-service (DoS). Please note: an attacker 2021-12-03 Pia ae oo 
must first obtain the ability to execute low-privileged code on the fa. 
target system in order to exploit this vulnerability. 
À : Trend Micro Security 2021 v17.0 (Consumer) contains a 
trendimigro:=:Security-2021 vulnerability that allows files inside the protected folder to be 2021-12-03 |} Totyet eo 
modified without any detection. a 
An unnecessary privilege vulnerability in Trend Micro Worry-Free 
Business Security 10.0 SP1 could allow a local attacker to 
trend -miGrece wen escalate privileges on affected installations. Please note: an ak vet CVE-2021-44021 
Free business paler attacker must first obtain the ability to execute low-privileged code || 2021-12-03 eerie MISC 
= = y on the target system in order to exploit this vulnerability. This MISC 
vulnerability is similar to but not identical to CVE-2021-44019 and 
44020. 
An unnecessary privilege vulnerability in Trend Micro Worry-Free 
Business Security 10.0 SP1 could allow a local attacker to 
trend_micro -- worry- escalate privileges on affected installations. Please note: an ñotvét CVE-2021-44019 
free_business_security attacker must first obtain the ability to execute low-privileged code || 2021-12-03 eed MISC 
on the target system in order to exploit this vulnerability. This MISC 
vulnerability is similar to but not identical to CVE-2021-44020 and 
44021. 
An unnecessary privilege vulnerability in Trend Micro Worry-Free 
Business Security 10.0 SP1 could allow a local attacker to 
trend_micro -- worry- escalate privileges on affected installations. Please note: an not vet CVE-2021-44020 
free_business_ security attacker must first obtain the ability to execute low-privileged code || 2021-12-03 eae MISC 
on the target system in order to exploit this vulnerability. This MISC 
vulnerability is similar to but not identical to CVE-2021-44019 and 
44021. 
Rcmuxencetemuxer tsMuxer v2.6.16 was discovered to contain a heap-based buffer not vet CVE-2021-35346 
overflow via the function HevcSpsUnit::short_term_ref_pic_set(int) || 2021-12-03 A ted MISC 
in hevc.cpp. MISC 
tsmuxer=tsmuüxér tsMuxer v2.6.16 was discovered to contain a heap-based buffer notvét CVE-2021-35344 
overflow via the function BitStreamReader::getCurVal in 2021-12-03 zalc ated MISC 
bitStream.h. i MISC 
tuzicms -- tuzicms SQL Injection vulnerability exists in TuziCMS v2.0.6 in 2021-12-03 not yet ||CVE-2021-44347 
App\Manage\Controller\GuestbookController.class.php. calculated ||MISC 
tuzicms -- tuzicms SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id 2021-12-03 not yet ||CVE-2021-44348 
parameer in App\Manage\Controller\AdvertController.class.php. calculated ||MISC 
Hudisine << tuzicms SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id not yet |CVE-2021-44349 
parameter in 2021-12-03 calculated MISC 
App\Manage\Controller\DownloadController.class.php. e 
Wokka Lokka Q50 devices through 2021-11-30 allow remote 
F attackers (who know the SIM phone number and password) to 
Wokka_lokka -- q50_devices listen to a device's surroundings via a callback in an SMS 2021-12-01 Petia ee i lien 
command, as demonstrated by the 123456 and 523681 default alae 
passwords. 
z-blogphp -- z-blogphp An arbitrary file upload vulnerability in Z-BlogPHP v1.6.1.2100 2021-12-02 not yet |CVE-2020-29176 
allows attackers to execute arbitrary code via a crafted JPG file. calculated |MISC 
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zoho -- ; , CVE-2021-42099 
manageengine _m365_manager_plu{0P0 ManageEngine M365 Manager Plus before 4421 is 2021-11-30 not yet CONFIRM 
vulnerable to file-upload remote code execution. calculated Msc 
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